The Application log is used for storing IP log information on the sensor. There are two locations that you can view statistics on your Application log. In IME/IDM, it is located on the dashboard for the device, it will be under the CPU, memory and diskusage load measurements. You can also see it in the output of the "show version" CLI command.
The "application-log" is actually the /usr/cids/idsRoot/var/iplog disk partition. You can see it with the "df -h" command for the service account on the IDS.
For example, the 4255 sensor is configured to pre-create 512 storage files that are each 1Mbyte in size. When IP Logs get created they get stored in these pre-created storage files.
The files are created once on startup and new files are never created. The sensor uses these pre-created files as a sort of circular buffer for the storage of the IP Log files.
Since there will never be any more files, the sensor is safe to create the /usr/cids/idsRoot/var/iplog disk partition to just slightly larger than the 512 Mbytes that these files use up.
So the % that you see for the application log, even if high, usage is perfectly normal and will never increase or decrease. It should always remain the same while the sensor is running.
NOTE: Sometimes the number of storage files changes, or the size of the disk partition may change during a Major Update, Minor Update, or Service Pack. So you might see a difference in percentage between one version and another. But you should not see it change as long as the same version is running.
You will also see a difference between different types of sensors. A 4240 for example, may only create 128 storage files instead of 512 storage files. So the 4240 may only use up 128 M byte. If the partition is still set to slightly more than 512 M bytes, then the percentage on the 4240 will be quite a bit less than that seen on a 4255, but this is not a problem. And the 4240 percentage usage will remain unchanged so long as the same version is running. It is just simply the difference in how the 2 platforms use memory.
Hi - We currently have a slew of public facing email addresses that route to our internal mail server for agents to handle. We're going to move this process to the salesforce cloud and were provided one-to-one new address to redirect to: examp...
We have the Endpoint purge to delete any thing over 365 days, but this wasn't working as standard since in was installedSo disabled and enabled again and this seem to fix it, as had just under 200k endpoints captured. But it removed all clients that ...
I need to remove the "a=crypto:" part from my SDP header to my ISP SDP header from PureCloud via TLSContent-Type: application/sdpUser-Agent: ININ-EDGE/18.104.22.16858Content-Length: 351v=0o=- 2580238779 3812407684 IN IP4 172.24.22.90s=-c=IN IP4 172.24.22....
I activated the securityk9 license on the next boot on 2 x 4331 routers and it changed to "EvalRightToUse" so i could configure TLS and so forth.I just want to confirm the below statement with Cisco, but to my knowledge this should be fine for us in other...
I've setup "AAA and Certificate" for tunnel group and import Root CA into CA certificate on the ASA.I also setup "CertificateStore" as "Machine" and enable "CertificateStoreOverride" on the client profile. According to the debug result, the VPN ...